See all articles

How to Automatically Schedule Your Dokku Database Backups

iRonin IT Team - Experts in software development
devops, backups, dokku, infrastructure, database

The first rule of software is that you need to create and store database backups from time to time. This is also the case when using Dokku with PostgreSQL for hosting your apps. To automate the process and make it easier, it’s best to schedule your backups automatically, encrypt them and send to your AWS S3. We provide the know how in our step-by-step explanation.

Having backups of your data is an essential security measure in the world of IT, although it may seem like a bit of a headache sometimes - remembering to creating backups for all your data, projects, apps, etc. Automation of this process in any measure will save you a bit of time and energy. Thanks to a recent PostgreSQL plugin version, you can now encrypt a database dump before sending it to the AWS S3, which makes it a feasible solution for backing up your database to one side. Let’s then take you through the process of backup management with Dokku: scheduling backups automatically, encrypting them and then sending them to AWS S3.

Tutorial

First of all you need to ensure you are using latest version of the PostgreSQL plugin. To update it run:

dokku plugin:update postgresql

Now we can provide an encryption key for backup:

dokku postgres:backup-set-encryption app-name ENCRYPTION_KEY

ENCRYPTION_KEY must be a phrase (string) that will be used for encrypting the backup - at the time of writing this, the plugin does not support using GPG keys from a GPG agent.

We suggest using a password generator to generate random, long passwords for encryption.

After that, create a new user for AWS with ACCESS_KEY and SECRET_ACCESS_KEY. Here is the minimum policy which allows us to create backups in a bucket:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "s3:ListAllMyBuckets",
                "s3:GetBucketLocation"
            ],
            "Effect": "Allow",
            "Resource": [
                "arn:aws:s3:::*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::your-bucket-name",
                "arn:aws:s3:::your-bucket-name/*"
            ]
        }
    ]
}

Remember to update your-bucket-name with the actual name of the S3 bucket where you are going to store your database dumps.

Now you can provide credentials to the plugin:

dokku postgres:backup-auth app-name AWS_ACCESS_KEY AWS_SECRET_ACCESS_KEY

To check if backups are working correctly, run the command:

dokku postgres:backup app-name bucket-name

It should create a new database dump in your bucket. You will need to provide the ENCRYPTION_KEY in order to decrypt it.

If everything is working, you can then schedule automatic backups using crontab rules:

# Perform database backup for `app-name` and push to `bucket` every day at 10:00
dokku postgres:backup-schedule app-name 0 10 * * * bucket

To restore a database from the backup, use pg_restore (to avoid encoding issues).

We hope you have found our step-by-step guide on automatically scheduled database backups in Dokku a useful one - and make sure to check out our other blog posts for other automation tips and tricks. At iRonin we are all about finding the solutions to help minimize repetitive manual work in our clients’ software management configurations. Our expert DevOps team can help to save you time, money, and resources by re-configuring your systems. Contact us to find out more!

Author's Bio
iRonin IT Team

Experts in software development

We are a 100% remote team of software development experts, providing web & mobile application development and DevOps services for international clients.

Similar articles
Comments

Bulletproof your development with remote team augmentation

Read how
Our websites and web services use cookies. We use cookies and collected data to enhance your experience, provide additional communication channels, improve marketing materials and enhance our offer. IRONIN SP. Z O.O. SP. K. is committed to protecting all the data that we collect or process in any way, especially data of personal nature. By accepting these terms you agree to our usage of cookies and processing your data, according to our Privacy Policy, and you declare that your browser settings reflect your preferences. Read more You have the right to revoke this agreement at any time, based on the terms of our Privacy Policy. You can change cookies settings in your browser. If you do not agree with us using cookies and processing your data, please change your cookies settings in your web browser and reject these terms. You can find more information about cookies, your data privacy This site uses cookies. By continuing to browse the site, you are agreeing to our use of cookies. data processing, and your rights in our Privacy Policy.